REMARKS 

[0003] Applicant respectfully requests reconsideration and allowance of all of the 
claims of the application. Claims 1, 2, 5-12, 15-22, 25, and 26 are presently pending. 
Claims amended herein are 1 , 1 1 and 2 1 . Claims withdrawn or cancelled herein are 3, 4, 
13, 14, 23 and 24. New claims added herein are none. 

Statement of Substance of Interview 

[0004] Examiner Dada graciously spoke with me — the undersigned representative 
for the Applicant — on July 23, 2007. Applicant greatly appreciates his willingness to talk. 
Such willingness is invaluable to both of us in our common goal of an expedited 
prosecution of this patent application. 

[0005] During the interview, we discussed how the claims differed from the cited art, 
namely Wood. Without conceding the propriety of the rejections and in the interest of 
expediting prosecution, we also discussed several possible clarifying amendments. 

[0006] The Examiner was receptive to the proposals, and I understood the Examiner 
to indicate that the proposed clarifying claim amendments appeared to distinguish over the 
cited art of record. For example, the Examiner indicated that clarification regarding 
measurement of strength of the authentication mechanism would appear to distinguish claim 
1 over the cited art, namely Wood. However, the Examiner indicated that he would need to 
review the cited art more carefully and/or do another search, and requested that the proposed 
amendments be presented in writing. 
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[0007] Applicant herein amends the claims in the manner discussed during the 
interview. Accordingly, Applicant submits that the pending claims are allowable over the 
cited art of record for at least the reasons discussed during the interview. 



Formal Request for an Interview 

[0008] If the Examiner's reply to this communication is anything other than 
allowance of all pending claims, then I formally request an interview with the Examiner. 
I encourage the Examiner to call me — the undersigned representative for the Applicant — 
so that we can talk about this matter so as to resolve any outstanding issues quickly and 
efficiently over the phone. 

[0009] Please contact me or my assistant to schedule a date and time for a 
telephone interview that is most convenient for both of us. While email works great for 
us, I welcome your call to either of us as well. Our contact information may be found on 
the last page of this response. 
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Claim Amendments 

[0010] Without conceding the propriety of the rejections herein and in the interest of 
expediting prosecution, Applicant amends claims 1,11 and 21 herein. Applicant amends 
claims to clarify claimed features in accordance with our telephone discussion with the 
examiner. Such amendments are made to expedite prosecution and quickly identify 
allowable subject matter. Such amendments are merely intended to clarify the claimed 
features, and should not be construed as further limiting the claimed invention in 
response to cited prior art. 

Substantive Matters 

Claim Rejections under § 112 

[0011] Claims 21, 22, 25, and 26 are rejected under 35 U.S.C. § 112, 2 nd % In light 
of the amendments presented herein, Applicant submits that these rejections are moot. 
Accordingly, Applicant asks the Examiner to withdraw these rejections. 

Claim Refections under $ 102 

[0012] Claims 1,2, 5-12, 15-22, 25, and 26 are rejected under 35 U.S.C. § 102. In 
light of the amendments presented herein and the decisions/agreements reached during 
the above-discussed Examiner interview, Applicant submits that these rejections are 
moot. Accordingly, Applicant asks the Examiner to withdraw these rejections. 
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[0013] The Examiner rejects claims 1, 2, 5-12, 15-22, 25, and 26 under §102. For 
at least the reasons discussed during the above mentioned Examiner's Interview and the 
reasons set forth below, the Examiner has not shown that cited references anticipate the 
rejected claims. Accordingly, Applicant respectfully requests that the § 102 rejections be 
withdrawn and the case be passed along to issuance. 

[0014] The Examiner's rejections are based upon: Wood: Wood, et al, US Patent 
No. 6,609,198 (issued Aug. 19, 2003). 

Overview of the Application 

[0015] The Application describes a technology for improved methods and 
arrangements for controlling access to resources in a computing environment. The 
methods and arrangements specifically identify the authentication 
mechanism/mechanisms, and/or characteristics thereof, used in verifying a user, to 
subsequently operating security mechanisms. Thus, differentiating user requests based 
on this additional information provides additional control. 

[0016] By way of example, the above-stated needs and others are met by a method 
for use in a computer capable of supporting multiple authentication mechanisms. The 
method includes generating an operating system representation (e.g., a security token, 
etc) of at least one identity indicator, for example, a user or account identity, associated 
with and identifying at least one authentication mechanism, and subsequently controlling 
access to at least one resource based on the operating system representation. In certain 
implementations, the method further includes generating at least one security identifier 
(SID) that identifies the authentication mechanism in some way, for example, by name or 
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number and/or perhaps by measure of strength such as the type/length of an encryption 
process/key employed by the authentication mechanism. In other implementations, for 
example, the method includes comparing the operating system representation to at least 
one access control list having at least one access control entry therein. Here, for example, 
the access control entry may operatively specify whether the user authenticated by the 
authentication mechanism is permitted to access the resource. 



Cited Reference 

Wood 

[0017] Wood describes a technology for a single sign-on for multiple information 
resources. Rather than specifying a single authentication scheme for all information 
resources, the security architecture associates trust-level requirements with information 
resources. Authentication schemes (e.g., those based on passwords, certificates, biometric 
techniques, smart cards, etc.) are employed depending on the trust-level requirement(s) of 
an information resource (or information resources) to be accessed. Once credentials have 
been obtained for an entity and the entity has been authenticated to a given trust level, 
access is granted, without the need for further credentials and authentication, to 
information resources for which the authenticated trust level is sufficient. The security 
architecture allows upgrade of credentials for a given session. This capability is 
particularly advantageous in the context of a single, enterprise-wide log-on. An entity 
(e.g., a user or an application) may initially log-on with a credential suitable for one or 
more resources in an initial resource set, but then require access to resource requiring 
authentication at higher trust level. In such case, the log-on service allows additional 
credentials to be provided to authenticate at the higher trust level. The log-on service 
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allows upgrading and/or downgrading without loss of session continuity (i.e., without 
loss of identity mappings, authorizations, permissions, and environmental variables, etc.). 



Anticipation Rejections 

[0018] Applicant submits that the anticipation rejections are not valid because, for 
each rejected claim, no single reference discloses each and every element of that rejected 
claim. 1 Furthermore, the elements disclosed in the single reference are not arranged in 
the manner recited by each rejected claim. 2 

Based upon Wood 

[0019] The Examiner rejects claims 1, 2, 5-12, 15-22, 25, and 26 under 35 U.S.C. 
§ 102(e) as being anticipated by Wood. Applicant respectfully traverses the rejections of 
these claims. Based on the reasons given below, Applicant asks the Examiner to withdraw 
the rejection of these claims. 

Independent Claims 1, 11, and 21 

[0020] Applicant submits that Wood does not anticipate these claims because it 
does not show or disclose the following elements as recited in these claims (from claim 1, 
with emphasis added): 



1 "A claim is anticipated only if each and every element as set forth in the claim is found, either expressly or 
inherently described, in a single prior art reference." Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628, 
631, 2 USPQ2d 1051, 1053 (Fed. Or. 1987); also see MPEP §2131. 

2 See In re Bond, 910 F.2d 831, 15 USPQ2d 1566 (Fed. Cir. 1990) 
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• generating at least one indicator that identifies a user, and is associated with 
and identifies at least one authentication mechanism that has been used to 
authenticate the user, wherein generating the indicator further includes 
identifying within the indicator at least one characteristic associated with the 
authentication mechanism, wherein the at least one characteristic associated 
with the authentication mechanism includes a measure of strength of the 
authentication mechanism, wherein the measure of strength of the 
authentication mechanism depends on the length of key employed in an 
encryption process. 

[0021] In this Action, the Examiner equates the trust level disclosed by Smith with 
the "measure of strength of the authentication mechanism" recited in this claim. 
Applicant respectfully disagrees. 

[0022] Unlike the "measure of strength of the authentication mechanism" of 

the claim, the trust level of Wood is not characterized as being dependent on the type of 
encryption process used and particularly the length of key employed The trust level of 
Wood is an assigned value independent of any other assigned values. The assigned value of 
Wood's trust level does not account for a measurement of strength of the authentication 
mechanism used to authenticate users as is claimed, but rather is directed to which 
assigned level of trust is necessary to access a given resource in context. 

[0023] Consequently, Wood does not disclose all of the claimed elements and 
features of these claims. Accordingly, Applicant asks the Examiner to withdraw the 
rejections of these claims. 
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Independent Claim 21 

[0024] Applicant further submits that Wood does not anticipate claim 6 2 1 because 
it does not show or disclose "an access control list." 

[0025] In this Action, it is unclear what the Examiner equates to the "access 
control list" recited in this claim. Applicant respectfully disagrees with the rejection. 

[0026] Unlike the "access control list" of the claim, Wood does not disclose an 
access control list (ACL). Instead, Wood describes a gatekeeper extracting login 
credentials from a request and passing the credentials to an authentication component which 
if authenticated queries an identification component to identify the requesting entity. Wood 
also merely describes a trust level as discussed above. However, Wood does not describe 
any access control list or comparing an indicator with the features claimed to any access 
control list. 

Dependent Claim 6 

[0027] This claim ultimately depends upon independent claim 1. As discussed 
above, claim 1 is allowable. It is axiomatic that any dependent claim which depends 
from an allowable base claim is also allowable. Additionally, some or all of the 
dependent claims may also be allowable for additional independent reasons. 

[0028] Applicant further submits that Wood does not anticipate claim 6 because it 
does not show or disclose "controlling access to the resource based on the indicator 
further includ[ing] comparing the indicator to at least one access control list having at 
least one access control entry therein." 
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[0029] Consequently, Wood does not disclose all of the claimed elements and 
features of these claims. Accordingly, Applicant asks the Examiner to withdraw the 
rejections of these claims. 



Dependent Claims 

[0030] In addition to its own merits, each dependent claim is allowable for the 
same reasons that its base claim is allowable. Applicant requests that the Examiner 
withdraw the rejection of each dependent claim where its base claim is allowable. 

Conclusion 

[0031] All pending claims are in condition for allowance. Applicant respectfully 
requests reconsideration and prompt issuance of the application. If any issues remain 
that prevent issuance of this application, the Examiner is urged to contact me before 
issuing a subsequent Action . Please call/email me or my assistant at your convenience. 



Respectfully Submitted, 



Beatrice L. Koempel-Thomas 
Reg. No. 58213 
(509) 324-9256x259 
bea@leehayes.com 
www.leehayes.com 



My Assistant: Carly Bokarica 
(509) 324-9256x264 
carly@leehayes.com 
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